From: Marco Elver <elver@google.com>
To: Kees Cook <keescook@chromium.org>
Cc: Jann Horn <jannh@google.com>, Jonathan Corbet <corbet@lwn.net>,
Andrew Morton <akpm@linux-foundation.org>,
Baolin Wang <baolin.wang@linux.alibaba.com>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Eric Biggers <ebiggers@google.com>,
Huang Ying <ying.huang@intel.com>, Petr Mladek <pmladek@suse.com>,
tangmeng <tangmeng@uniontech.com>,
"Guilherme G. Piccoli" <gpiccoli@igalia.com>,
Tiezhu Yang <yangtiezhu@loongson.cn>,
Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
linux-doc@vger.kernel.org, Greg KH <gregkh@linuxfoundation.org>,
Linus Torvalds <torvalds@linuxfoundation.org>,
Seth Jenkins <sethjenkins@google.com>,
Andy Lutomirski <luto@kernel.org>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Arnd Bergmann <arnd@arndb.de>, Dmitry Vyukov <dvyukov@google.com>,
Peter Zijlstra <peterz@infradead.org>,
Juri Lelli <juri.lelli@redhat.com>,
Vincent Guittot <vincent.guittot@linaro.org>,
Dietmar Eggemann <dietmar.eggemann@arm.com>,
Steven Rostedt <rostedt@goodmis.org>,
Ben Segall <bsegall@google.com>, Mel Gorman <mgorman@suse.de>,
Daniel Bristot de Oliveira <bristot@redhat.com>,
Valentin Schneider <vschneid@redhat.com>,
Andrey Ryabinin <ryabinin.a.a@gmail.com>,
Alexander Potapenko <glider@google.com>,
Andrey Konovalov <andreyknvl@gmail.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Luis Chamberlain <mcgrof@kernel.org>,
David Gow <davidgow@google.com>,
"Paul E. McKenney" <paulmck@kernel.org>,
Anton Vorontsov <anton@enomsg.org>,
Mauro Carvalho Chehab <mchehab+huawei@kernel.org>,
Laurent Dufour <ldufour@linux.ibm.com>,
Rob Herring <robh@kernel.org>,
linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com,
linux-mm@kvack.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v2 5/6] panic: Introduce warn_limit
Date: Mon, 14 Nov 2022 10:48:38 +0100 [thread overview]
Message-ID: <CANpmjNO_ujNwaFxpsAWWXhBajhV8LJMXQjCHiSLHKG2Dc+od4A@mail.gmail.com> (raw)
In-Reply-To: <20221109200050.3400857-5-keescook@chromium.org>
On Wed, 9 Nov 2022 at 21:00, Kees Cook <keescook@chromium.org> wrote:
>
> Like oops_limit, add warn_limit for limiting the number of warnings when
> panic_on_warn is not set.
>
> Cc: Jonathan Corbet <corbet@lwn.net>
> Cc: Andrew Morton <akpm@linux-foundation.org>
> Cc: Baolin Wang <baolin.wang@linux.alibaba.com>
> Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
> Cc: Eric Biggers <ebiggers@google.com>
> Cc: Huang Ying <ying.huang@intel.com>
> Cc: Petr Mladek <pmladek@suse.com>
> Cc: tangmeng <tangmeng@uniontech.com>
> Cc: "Guilherme G. Piccoli" <gpiccoli@igalia.com>
> Cc: Tiezhu Yang <yangtiezhu@loongson.cn>
> Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
> Cc: linux-doc@vger.kernel.org
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
> Documentation/admin-guide/sysctl/kernel.rst | 9 +++++++++
> kernel/panic.c | 13 +++++++++++++
> 2 files changed, 22 insertions(+)
>
> diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/admin-guide/sysctl/kernel.rst
> index 09f3fb2f8585..c385d5319cdf 100644
> --- a/Documentation/admin-guide/sysctl/kernel.rst
> +++ b/Documentation/admin-guide/sysctl/kernel.rst
> @@ -1508,6 +1508,15 @@ entry will default to 2 instead of 0.
> 2 Unprivileged calls to ``bpf()`` are disabled
> = =============================================================
>
> +
> +warn_limit
> +==========
> +
> +Number of kernel warnings after which the kernel should panic when
> +``panic_on_warn`` is not set. Setting this to 0 or 1 has the same effect
> +as setting ``panic_on_warn=1``.
> +
> +
> watchdog
> ========
>
> diff --git a/kernel/panic.c b/kernel/panic.c
> index 3afd234767bc..b235fa4a6fc8 100644
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -58,6 +58,7 @@ bool crash_kexec_post_notifiers;
> int panic_on_warn __read_mostly;
> unsigned long panic_on_taint;
> bool panic_on_taint_nousertaint = false;
> +static unsigned int warn_limit __read_mostly = 10000;
>
> int panic_timeout = CONFIG_PANIC_TIMEOUT;
> EXPORT_SYMBOL_GPL(panic_timeout);
> @@ -88,6 +89,13 @@ static struct ctl_table kern_panic_table[] = {
> .extra2 = SYSCTL_ONE,
> },
> #endif
> + {
> + .procname = "warn_limit",
> + .data = &warn_limit,
> + .maxlen = sizeof(warn_limit),
> + .mode = 0644,
> + .proc_handler = proc_douintvec,
> + },
> { }
> };
>
> @@ -203,8 +211,13 @@ static void panic_print_sys_info(bool console_flush)
>
> void check_panic_on_warn(const char *reason)
> {
> + static atomic_t warn_count = ATOMIC_INIT(0);
> +
> if (panic_on_warn)
> panic("%s: panic_on_warn set ...\n", reason);
> +
> + if (atomic_inc_return(&warn_count) >= READ_ONCE(warn_limit))
> + panic("Warned too often (warn_limit is %d)", warn_limit);
Shouldn't this also include the "reason", like above? (Presumably a
warning had just been generated to console so the reason is easy
enough to infer from the log, although in that case "reason" also
seems redundant above.)
next prev parent reply other threads:[~2022-11-14 9:49 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-09 20:00 [PATCH next v2 0/6] exit: Put an upper limit on how often we can oops Kees Cook
2022-11-09 20:00 ` [PATCH v2 1/6] panic: Separate sysctl logic from CONFIG_SMP Kees Cook
2022-11-09 21:48 ` Bill Wendling
2022-11-10 0:02 ` Kees Cook
2022-11-09 20:00 ` [PATCH v2 2/6] exit: Put an upper limit on how often we can oops Kees Cook
2022-11-09 20:00 ` [PATCH v2 3/6] exit: Expose "oops_count" to sysfs Kees Cook
2022-11-09 20:00 ` [PATCH v2 4/6] panic: Consolidate open-coded panic_on_warn checks Kees Cook
2022-11-14 9:57 ` Marco Elver
2022-11-17 23:28 ` Kees Cook
2022-11-09 20:00 ` [PATCH v2 5/6] panic: Introduce warn_limit Kees Cook
2022-11-14 9:48 ` Marco Elver [this message]
2022-11-17 23:27 ` Kees Cook
2022-11-09 20:00 ` [PATCH v2 6/6] panic: Expose "warn_count" to sysfs Kees Cook
2022-11-09 21:16 ` [PATCH next v2 0/6] exit: Put an upper limit on how often we can oops Luis Chamberlain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CANpmjNO_ujNwaFxpsAWWXhBajhV8LJMXQjCHiSLHKG2Dc+od4A@mail.gmail.com \
--to=elver@google.com \
--cc=Jason@zx2c4.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=anton@enomsg.org \
--cc=arnd@arndb.de \
--cc=baolin.wang@linux.alibaba.com \
--cc=bigeasy@linutronix.de \
--cc=bristot@redhat.com \
--cc=bsegall@google.com \
--cc=corbet@lwn.net \
--cc=davidgow@google.com \
--cc=dietmar.eggemann@arm.com \
--cc=dvyukov@google.com \
--cc=ebiederm@xmission.com \
--cc=ebiggers@google.com \
--cc=glider@google.com \
--cc=gpiccoli@igalia.com \
--cc=gregkh@linuxfoundation.org \
--cc=jannh@google.com \
--cc=juri.lelli@redhat.com \
--cc=kasan-dev@googlegroups.com \
--cc=keescook@chromium.org \
--cc=ldufour@linux.ibm.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=mcgrof@kernel.org \
--cc=mchehab+huawei@kernel.org \
--cc=mgorman@suse.de \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=pmladek@suse.com \
--cc=robh@kernel.org \
--cc=rostedt@goodmis.org \
--cc=ryabinin.a.a@gmail.com \
--cc=sethjenkins@google.com \
--cc=tangmeng@uniontech.com \
--cc=torvalds@linuxfoundation.org \
--cc=vincent.guittot@linaro.org \
--cc=vincenzo.frascino@arm.com \
--cc=vschneid@redhat.com \
--cc=yangtiezhu@loongson.cn \
--cc=ying.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).